When most people think of network security, they think of people sitting up in the computer rooms deep inside corporate headquarters, sifting through thousands of computer assets on networks stretching across the entire globe. Not many people consider monitoring a network as something that is really important in a home setting.

However, there is one additional step you can take to ensure that all devices on your home network are healthy and secure, and that is running a regular network security audit on your home network. This is especially true on a Wi-Fi network, where it is far more likely that you may pick up hitchhikers and hijackers within your local community.

Monitor Your Network With Nmap

One of the simplest Wi-Fi security software apps you can use to keep an eye on your Wi-Fi security and network is Nmap. Nmap is actually short for “Zenmap”, which is the title of the app that you’ll see once you install it. This program is a fast and efficient way to scan your entire network. It can be used to conduct a security analysis on one device that you know is on your network, or it can scan an entire range of IP addresses to search for security vulnerabilities on any device.

You can see at the top of the main window that there is a field for the “target.” This is the IP address of the device or devices that you want to scan. One of the difficulties of monitoring for unknown devices that are on your network without permission is knowing what the IP addresses of those devices are. One way to make identifying hijackers much easier is by defining only a limited range of IP addresses in your router. This way, any computer that connects to your network must have an IP address within that range.

You can do this by going to your router admin panel, clicking on network setup, enabling DHCP and enabling a range of IP addresses to lease out to new devices. In the example below, I’ve started at 192.168.1.100 and allowed for only 50 IP addresses (up to 192.168.1.149).

Once you do this, you will know what range of targets to scan to look for any surprises on your network. Getting back to Zenmap, if you do want to analyze an individual device, just type the IP address in the target field. Under “Profile”, you can choose what level of scan you want the software to conduct. “Intense Scan” is obviously more thorough, or you can just do a ping to see what devices are live, or a list of other scans as shown here.

An intense scan gives you a whole lot of information about a device. It’ll do a port scan and tell you what ports are open on that computer or server, what services are running, what operating system and other software is running, and a whole lot more. This is a brilliant way to see whether or not there are any surprises. If any viruses get installed on your machine and open up a new port to start relaying spam, this scan will pick up on it even if your antivirus software didn’t.

In the ports/hosts tab, you can see a visual display of all ports that are open, their state, protocol, and the service that’s using the port.

Click on the “Host Details” tab, and you can see a summary display of scanned properties for each host. This can really come in handy when you have a very slow Internet connection and want to see what’s eating up all of your bandwidth. You may be surprised to discover that a device has an odd port open with some unknown service reaching out over the Internet through that port.

A far more popular use of this software is as a regular network scanner for maintaining a network. You can scan the entire range of IP addresses you’ve defined in your router, and the software will go through each IP, one at a time, and conduct a full scan on each device. You can define a range by using the CIDR style of addressing. In the example below I used /24 numbits to have the software scan 256 hosts starting at 192.168.1.1.

Once the network scan is done, all active hosts on the network will show up on the list to the left. Keep an eye out for any surprises showing up on your Wi-Fi network. You can click on each host device, and the scan results for that device will show up in the Nmap Output display on the right.
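The same review can be scripted. The following added example, which is not part of the original article, reads a scan saved in Nmap's XML format (`nmap -oX`) and lists hosts whose MAC address is not in your inventory, or that have ports open beyond what you expect. The inventory, MAC addresses and sample XML are constructed for illustration, and MAC addresses only appear in the results when you scan devices on your own LAN segment with sufficient privileges.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -oX` output (not from a real scan).
SAMPLE_XML = """<nmaprun>
<host><status state="up"/>
 <address addr="192.168.1.1" addrtype="ipv4"/>
 <address addr="AA:BB:CC:00:00:01" addrtype="mac"/>
 <ports><port protocol="tcp" portid="80"><state state="open"/></port></ports>
</host>
<host><status state="up"/>
 <address addr="192.168.1.105" addrtype="ipv4"/>
 <address addr="AA:BB:CC:00:00:02" addrtype="mac"/>
 <ports><port protocol="tcp" portid="22"><state state="open"/></port>
  <port protocol="tcp" portid="2525"><state state="open"/></port>
  <port protocol="tcp" portid="443"><state state="closed"/></port></ports>
</host>
<host><status state="up"/>
 <address addr="192.168.1.200" addrtype="ipv4"/>
 <address addr="DE:AD:BE:EF:00:03" addrtype="mac"/>
</host>
</nmaprun>"""

# Assumed inventory you maintain: MAC -> TCP ports you expect to be open.
KNOWN = {"AA:BB:CC:00:00:01": {80}, "AA:BB:CC:00:00:02": {22}}
# DHCP lease range from the article's router example (.100 to .149).
POOL = (ipaddress.ip_address("192.168.1.100"), ipaddress.ip_address("192.168.1.149"))

def audit(xml_text, known=KNOWN, pool=POOL):
    """Return (ip, finding) pairs for hosts that differ from the inventory."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status").get("state") != "up":
            continue
        addrs = {a.get("addrtype"): a.get("addr") for a in host.iter("address")}
        ip, mac = addrs["ipv4"], addrs.get("mac", "no-mac").upper()
        if mac not in known:
            # An address outside the pool was not handed out from the lease range.
            in_pool = pool[0] <= ipaddress.ip_address(ip) <= pool[1]
            where = "inside" if in_pool else "outside"
            findings.append((ip, f"unknown device {mac} {where} DHCP pool"))
            continue
        open_ports = {int(p.get("portid")) for p in host.iter("port")
                      if p.find("state").get("state") == "open"}
        extra = open_ports - known[mac]
        if extra:
            findings.append((ip, f"unexpected open ports {sorted(extra)}"))
    return findings
```

A MAC address can be changed by the device's owner, so treat the inventory as a way to spot surprises, not as access control.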

In my opinion, one of the coolest features of this software is the Topology display, which will give you a graphical representation of all of the devices on your network, as well as the security level represented by the scan results. You can right-click on the host node and select to see more details about it.

For regular routine monitoring and maintenance of your home or small business network, this Wi-Fi security software is a must-have. At the very least, it’ll give you the peace of mind of knowing exactly what’s on your network and what sort of activity is going on, utilizing your precious bandwidth.

Give Nmap a try. Did it uncover anything interesting going on in your network? Share your experiences with using it in the comments section below.

I suggest you scan the whole IP range (192.168.1.0/24), not only the one you defined to be leased by DHCP. If someone detects which of the reserved network ranges you are using at home - and the bets are on the one from the factory settings - any address manually picked within the range can "talk" seamlessly with the rest of the computers.

(please forgive my mistakes)
I suggest you scan the whole IP range (192.168.1.0/24), not only the one you defined to be leased by DHCP. If someone detects which of the reserved network ranges you are using at home - and the bets are you are using the factory settings - any address manually picked within the range can "talk" seamlessly with the rest of the computers.

Nmap isn't a complete security suite for wireless, as the article tries to establish. Other things to take into account are your wireless security protocol (WPA2), length of password and randomness of password. People shouldn't be on your network in the first place to check your ports. If they are, you've lost half the battle already. Oh yeah, and thumbs up to the previous 2 comments.

Thanks for the corrections! And I know the software can be used for more than just Wi-Fi, but the article was focused on how you can use it to audit your Wi-Fi network. While I realize it shouldn't be called "wi-fi network auditing software", I called it such because that's all I wanted to use it for.

However, you make a valid point that it can be used for much more than just that purpose.

Ryan Dube is MUO's Managing Editor. Ryan has a BSc degree in Electrical Engineering. He's worked 13 years in automation engineering, 5 years in IT, and now is an Apps Engineer. He's spoken at national conferences on Data Visualization and has been featured on national TV and radio.